Added API endpoints for projects

src/Entity/ProjectSystem/Project.php

@@ -22,8 +22,22 @@ declare(strict_types=1);
 
 namespace App\Entity\ProjectSystem;
 
+use ApiPlatform\Doctrine\Orm\Filter\DateFilter;
+use ApiPlatform\Doctrine\Orm\Filter\OrderFilter;
+use ApiPlatform\Metadata\ApiFilter;
+use ApiPlatform\Metadata\ApiProperty;
+use ApiPlatform\Metadata\ApiResource;
+use ApiPlatform\Metadata\Delete;
+use ApiPlatform\Metadata\Get;
+use ApiPlatform\Metadata\GetCollection;
+use ApiPlatform\Metadata\Link;
+use ApiPlatform\Metadata\Patch;
+use ApiPlatform\Metadata\Post;
+use ApiPlatform\Serializer\Filter\PropertyFilter;
+use App\ApiPlatform\Filter\LikeFilter;
 use App\Entity\Attachments\Attachment;
 use App\Entity\Attachments\AttachmentTypeAttachment;
+use App\Entity\Parts\Category;
 use App\Repository\Parts\DeviceRepository;
 use App\Validator\Constraints\UniqueObjectCollection;
 use Doctrine\DBAL\Types\Types;
@@ -46,6 +60,31 @@ use Symfony\Component\Validator\Context\ExecutionContextInterface;
  */
 #[ORM\Entity(repositoryClass: DeviceRepository::class)]
 #[ORM\Table(name: 'projects')]
+#[ApiResource(
+    operations: [
+        new Get(security: 'is_granted("read", object)'),
+        new GetCollection(security: 'is_granted("@projects.read")'),
+        new Post(securityPostDenormalize: 'is_granted("create", object)'),
+        new Patch(security: 'is_granted("edit", object)'),
+        new Delete(security: 'is_granted("delete", object)'),
+    ],
+    normalizationContext: ['groups' => ['project:read', 'api:basic:read'], 'openapi_definition_name' => 'Read'],
+    denormalizationContext: ['groups' => ['project:write', 'api:basic:write'], 'openapi_definition_name' => 'Write'],
+)]
+#[ApiResource(
+    uriTemplate: '/projects/{id}/children.{_format}',
+    operations: [
+        new GetCollection(openapiContext: ['summary' => 'Retrieves the children elements of a project.'],
+            security: 'is_granted("@projects.read")')
+    ],
+    uriVariables: [
+        'id' => new Link(fromProperty: 'children', fromClass: Project::class)
+    ],
+    normalizationContext: ['groups' => ['project:read', 'api:basic:read'], 'openapi_definition_name' => 'Read']
+)]
+#[ApiFilter(PropertyFilter::class)]
+#[ApiFilter(LikeFilter::class, properties: ["name", "comment"])]
+#[ApiFilter(OrderFilter::class, properties: ['name', 'id', 'addedDate', 'lastModified'])]
 class Project extends AbstractStructuralDBElement
 {
     #[ORM\OneToMany(targetEntity: self::class, mappedBy: 'parent')]
@@ -54,8 +93,13 @@ class Project extends AbstractStructuralDBElement
 
     #[ORM\ManyToOne(targetEntity: self::class, inversedBy: 'children')]
     #[ORM\JoinColumn(name: 'parent_id')]
+    #[Groups(['project:read', 'project:write'])]
+    #[ApiProperty(readableLink: false, writableLink: false)]
     protected ?AbstractStructuralDBElement $parent = null;
 
+    #[Groups(['project:read', 'project:write'])]
+    protected string $comment = '';
+
     #[Assert\Valid]
     #[Groups(['extended', 'full'])]
     #[ORM\OneToMany(targetEntity: ProjectBOMEntry::class, mappedBy: 'project', cascade: ['persist', 'remove'], orphanRemoval: true)]
@@ -70,7 +114,7 @@ class Project extends AbstractStructuralDBElement
      * @var string|null The current status of the project
      */
     #[Assert\Choice(['draft', 'planning', 'in_production', 'finished', 'archived'])]
-    #[Groups(['extended', 'full'])]
+    #[Groups(['extended', 'full', 'project:read', 'project:write'])]
     #[ORM\Column(type: Types::STRING, length: 64, nullable: true)]
     protected ?string $status = null;
 
@@ -79,12 +123,13 @@ class Project extends AbstractStructuralDBElement
      * @var Part|null The (optional) part that represents the builds of this project in the stock
      */
     #[ORM\OneToOne(targetEntity: Part::class, mappedBy: 'built_project', cascade: ['persist'], orphanRemoval: true)]
+    #[Groups(['project:read', 'project:write'])]
     protected ?Part $build_part = null;
 
     #[ORM\Column(type: Types::BOOLEAN)]
     protected bool $order_only_missing_parts = false;
 
-    #[Groups(['simple', 'extended', 'full'])]
+    #[Groups(['simple', 'extended', 'full', 'project:read', 'project:write'])]
     #[ORM\Column(type: Types::TEXT)]
     protected string $description = '';
 
@@ -93,16 +138,19 @@ class Project extends AbstractStructuralDBElement
      */
     #[ORM\OneToMany(targetEntity: ProjectAttachment::class, mappedBy: 'element', cascade: ['persist', 'remove'], orphanRemoval: true)]
     #[ORM\OrderBy(['name' => 'ASC'])]
+    #[Groups(['project:read', 'project:write'])]
     protected Collection $attachments;
 
     #[ORM\ManyToOne(targetEntity: ProjectAttachment::class)]
     #[ORM\JoinColumn(name: 'id_preview_attachment', onDelete: 'SET NULL')]
+    #[Groups(['project:read', 'project:write'])]
     protected ?Attachment $master_picture_attachment = null;
 
     /** @var Collection<int, ProjectParameter>
      */
     #[ORM\OneToMany(targetEntity: ProjectParameter::class, mappedBy: 'element', cascade: ['persist', 'remove'], orphanRemoval: true)]
     #[ORM\OrderBy(['group' => 'ASC', 'name' => 'ASC'])]
+    #[Groups(['project:read', 'project:write'])]
     protected Collection $parameters;
 
     /********************************************************************************

src/Entity/ProjectSystem/ProjectBOMEntry.php

@@ -22,6 +22,18 @@ declare(strict_types=1);
 
 namespace App\Entity\ProjectSystem;
 
+use ApiPlatform\Doctrine\Orm\Filter\OrderFilter;
+use ApiPlatform\Doctrine\Orm\Filter\RangeFilter;
+use ApiPlatform\Metadata\ApiFilter;
+use ApiPlatform\Metadata\ApiResource;
+use ApiPlatform\Metadata\Delete;
+use ApiPlatform\Metadata\Get;
+use ApiPlatform\Metadata\GetCollection;
+use ApiPlatform\Metadata\Link;
+use ApiPlatform\Metadata\Patch;
+use ApiPlatform\Metadata\Post;
+use ApiPlatform\Serializer\Filter\PropertyFilter;
+use App\ApiPlatform\Filter\LikeFilter;
 use App\Validator\UniqueValidatableInterface;
 use Doctrine\DBAL\Types\Types;
 use App\Entity\Base\AbstractDBElement;
@@ -33,6 +45,7 @@ use App\Validator\Constraints\Selectable;
 use Brick\Math\BigDecimal;
 use Doctrine\ORM\Mapping as ORM;
 use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
+use Symfony\Component\Serializer\Annotation\Groups;
 use Symfony\Component\Validator\Constraints as Assert;
 use Symfony\Component\Validator\Context\ExecutionContextInterface;
 
@@ -42,18 +55,46 @@ use Symfony\Component\Validator\Context\ExecutionContextInterface;
 #[ORM\HasLifecycleCallbacks]
 #[ORM\Entity]
 #[ORM\Table('project_bom_entries')]
+#[ApiResource(
+    operations: [
+        new Get(security: 'is_granted("read", object)', uriTemplate: '/project_bom_entries/{id}.{_format}',),
+        new GetCollection(security: 'is_granted("@projects.read")', uriTemplate: '/project_bom_entries.{_format}',),
+        new Post(securityPostDenormalize: 'is_granted("create", object)', uriTemplate: '/project_bom_entries.{_format}',),
+        new Patch(security: 'is_granted("edit", object)', uriTemplate: '/project_bom_entries/{id}.{_format}',),
+        new Delete(security: 'is_granted("delete", object)', uriTemplate: '/project_bom_entries/{id}.{_format}',),
+    ],
+    normalizationContext: ['groups' => ['bom_entry:read', 'api:basic:read'], 'openapi_definition_name' => 'Read'],
+    denormalizationContext: ['groups' => ['bom_entry:write', 'api:basic:write'], 'openapi_definition_name' => 'Write'],
+)]
+#[ApiResource(
+    uriTemplate: '/projects/{id}/bom.{_format}',
+    operations: [
+        new GetCollection(openapiContext: ['summary' => 'Retrieves the BOM entries of the given project.'],
+            security: 'is_granted("@projects.read")')
+    ],
+    uriVariables: [
+        'id' => new Link(fromProperty: 'bom_entries', fromClass: Project::class)
+    ],
+    normalizationContext: ['groups' => ['bom_entry:read', 'api:basic:read'], 'openapi_definition_name' => 'Read']
+)]
+#[ApiFilter(PropertyFilter::class)]
+#[ApiFilter(LikeFilter::class, properties: ["name", "comment", 'mountnames'])]
+#[ApiFilter(RangeFilter::class, properties: ['quantity'])]
+#[ApiFilter(OrderFilter::class, properties: ['name', 'id', 'addedDate', 'lastModified', 'quantity'])]
 class ProjectBOMEntry extends AbstractDBElement implements UniqueValidatableInterface
 {
     use TimestampTrait;
 
     #[Assert\Positive]
     #[ORM\Column(type: Types::FLOAT, name: 'quantity')]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected float $quantity = 1.0;
 
     /**
      * @var string A comma separated list of the names, where this parts should be placed
      */
     #[ORM\Column(type: Types::TEXT, name: 'mountnames')]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected string $mountnames = '';
 
     /**
@@ -61,12 +102,14 @@ class ProjectBOMEntry extends AbstractDBElement implements UniqueValidatableInte
      */
     #[Assert\Expression('this.getPart() !== null or this.getName() !== null', message: 'validator.project.bom_entry.name_or_part_needed')]
     #[ORM\Column(type: Types::STRING, nullable: true)]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected ?string $name = null;
 
     /**
      * @var string An optional comment for this BOM entry
      */
     #[ORM\Column(type: Types::TEXT)]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected string $comment = '';
 
     /**
@@ -74,6 +117,7 @@ class ProjectBOMEntry extends AbstractDBElement implements UniqueValidatableInte
      */
     #[ORM\ManyToOne(targetEntity: Project::class, inversedBy: 'bom_entries')]
     #[ORM\JoinColumn(name: 'id_device')]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected ?Project $project = null;
 
     /**
@@ -81,6 +125,7 @@ class ProjectBOMEntry extends AbstractDBElement implements UniqueValidatableInte
      */
     #[ORM\ManyToOne(targetEntity: Part::class, inversedBy: 'project_bom_entries')]
     #[ORM\JoinColumn(name: 'id_part')]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected ?Part $part = null;
 
     /**
@@ -88,6 +133,7 @@ class ProjectBOMEntry extends AbstractDBElement implements UniqueValidatableInte
      */
     #[Assert\AtLeastOneOf([new BigDecimalPositive(), new Assert\IsNull()])]
     #[ORM\Column(type: 'big_decimal', precision: 11, scale: 5, nullable: true)]
+    #[Groups(['bom_entry:read', 'bom_entry:write'])]
     protected ?BigDecimal $price = null;
 
     /**

src/Security/Voter/BOMEntryVoter.php

@@ -0,0 +1,76 @@
+<?php
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+
+namespace App\Security\Voter;
+
+use App\Entity\ProjectSystem\ProjectBOMEntry;
+use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Voter;
+
+class BOMEntryVoter extends Voter
+{
+
+    private const ALLOWED_ATTRIBUTES = ['read', 'view', 'edit', 'delete', 'create'];
+
+    public function __construct(private readonly Security $security)
+    {
+    }
+
+    protected function supports(string $attribute, mixed $subject): bool
+    {
+        return $this->supportsAttribute($attribute) && is_a($subject, ProjectBOMEntry::class);
+    }
+
+    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
+    {
+        if (!$subject instanceof ProjectBOMEntry) {
+            return false;
+        }
+
+        $project = $subject->getProject();
+
+        //Allow everything if the project was not set yet
+        if ($project === null) {
+            return true;
+        }
+
+        //Entry can be read if the user has read access to the project
+        if ($attribute === 'read') {
+            return $this->security->isGranted('read', $project);
+        }
+
+        //Everything else can be done if the user has edit access to the project
+        return $this->security->isGranted('edit', $project);
+    }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return is_a($subjectType, ProjectBOMEntry::class, true);
+    }
+}